From 3f9a8de27ed8e13393433c42ed6f951ccfb7d99c Mon Sep 17 00:00:00 2001 From: Leo Sandoval Date: Wed, 14 Aug 2024 11:00:59 -0600 Subject: [PATCH] 20-grub.install: fix SELinux security type context for BLS Resolves: #RHEL-4395 Signed-off-by: Leo Sandoval --- 20-grub.install | 11 ++++------- grub2.spec | 6 +++++- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/20-grub.install b/20-grub.install index dd2018a..2bb65b8 100755 --- a/20-grub.install +++ b/20-grub.install @@ -90,13 +90,10 @@ case "$COMMAND" in [[ -d "$BLS_DIR" ]] || mkdir -m 0700 -p "$BLS_DIR" BLS_ID="${MACHINE_ID}-${KERNEL_VERSION}" BLS_TARGET="${BLS_DIR}/${BLS_ID}.conf" - if [[ -f "${KERNEL_DIR}/bls.conf" ]]; then - cp -aT "${KERNEL_DIR}/bls.conf" "${BLS_TARGET}" || exit $? - else - mkbls "${KERNEL_VERSION}" \ - "$(date -u +%Y%m%d%H%M%S -d "$(stat -c '%y' "${KERNEL_DIR}")")" \ - >"${BLS_TARGET}" - fi + mkbls "${KERNEL_VERSION}" \ + "$(date -u +%Y%m%d%H%M%S -d "$(stat -c '%y' "${KERNEL_DIR}")")" \ + >"${BLS_TARGET}" + command -v restorecon &>/dev/null && restorecon -R "${BLS_TARGET}" LINUX="$(grep '^linux[ \t]' "${BLS_TARGET}" | sed -e 's,^linux[ \t]*,,')" INITRD="$(grep '^initrd[ \t]' "${BLS_TARGET}" | sed -e 's,^initrd[ \t]*,,')" diff --git a/grub2.spec b/grub2.spec index 3d3ece3..d109ef0 100644 --- a/grub2.spec +++ b/grub2.spec @@ -7,7 +7,7 @@ Name: grub2 Epoch: 1 Version: 2.02 -Release: 156%{?dist} +Release: 157%{?dist} Summary: Bootloader with support for Linux, Multiboot and more Group: System Environment/Base License: GPLv3+ @@ -510,6 +510,10 @@ fi %endif %changelog +* Wed Aug 14 2024 Leo Sandoval - 2.02-157 +- 20-grub-install: fix SELinux security type context for BLS +- Resolves: #RHEL-4395 + * Tue Feb 20 2024 Nicolas Frayer - 2.02-156 - fs/ntfs: OOB write fix - (CVE-2023-4692)